
Resource Limitation: Security timeout

Identifier: frontend_timeout

Scanner(s) Support

GraphQL Scanner, REST Scanner, WebApp Scanner, ASM Scanner

Description

Frontend applications without proper timeout limits can be exploited by attackers sending heavy or complex requests that consume resources and potentially deny service to legitimate users.

How we test: We analyze frontend application behavior and send requests designed to trigger timeouts. We monitor response times and check if timeout limits are properly configured to prevent denial of service attacks through resource exhaustion.
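
One way to enforce the kind of timeout limit this check looks for, as an added example that is not part of the original page or the scanner's own code: each request handler runs under a hard deadline, so a heavy request is cancelled and its worker slot freed instead of starving later requests. The worker-pool size, the handler, the deadline value and the traffic are constructed assumptions.

```python
import asyncio
import time

WORKER_SLOTS = 2  # assumed size of the frontend's worker pool


async def handle(cost_s):
    """Constructed stand-in for request work (template render, upstream call)."""
    await asyncio.sleep(cost_s)
    return 200


async def serve_one(slots, cost_s, deadline_s, started):
    """Take a worker slot, run the handler, and report (status, latency)."""
    async with slots:
        try:
            # deadline_s=None reproduces the unbounded behaviour the check flags.
            status = await asyncio.wait_for(handle(cost_s), timeout=deadline_s)
        except asyncio.TimeoutError:
            # wait_for has cancelled the handler; the slot is released on exit.
            status = 504
    return status, time.monotonic() - started


async def simulate(costs, deadline_s):
    """Serve all requests against one shared pool, in arrival order."""
    slots = asyncio.Semaphore(WORKER_SLOTS)
    started = time.monotonic()
    tasks = [asyncio.create_task(serve_one(slots, c, deadline_s, started))
             for c in costs]
    return await asyncio.gather(*tasks)


def run(costs, deadline_s=None):
    """Return a list of (status, latency_seconds), one entry per request."""
    return asyncio.run(simulate(costs, deadline_s))


# Constructed traffic: two heavy requests fill both slots, then a light one arrives.
TRAFFIC = [0.6, 0.6, 0.01]

if __name__ == "__main__":
    for label, deadline in (("no timeout", None), ("0.1 s deadline", 0.1)):
        for status, latency in run(TRAFFIC, deadline):
            print(f"{label}: status={status} latency={latency:.2f}s")
```

The deadline here covers handler execution only; time spent queued for a slot would need its own limit.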


Configuration

Example

Example configuration:

---
security_tests:
  frontend_timeout:
    skip: false

Reference

skip

Type: boolean

Skip the test if true.